NERC, FERC to WSJ: so disappointed in you

Maybe you’ve seen it. In fact, you’ve probably seen it. I saw it on CBS This Morning today.

“It” is the Wall Street Journal (WSJ) article on how the U.S. “could suffer a coast-to-cost blackout” if someone—an angry little someone one imagines—took out just nine specific substations. The article doesn’t name the nine substations, thankfully, and most of the later half of the article is actually devoted to a rehashing of the Metcalf substation attack from last year, but just those first few paragraphs about this Federal Energy Regulatory Commission (FERC) power flow study were enough to set the industry and the general news media a-buzz.

"Today’s publication by The Wall Street Journal of sensitive information about the grid undermines the careful work done by professionals who dedicate their careers to providing the American people with a reliable and secure grid. The Wall Street Journal has appropriately declined to identify by name particularly critical substations throughout the country. Nonetheless, the publication of other sensitive information is highly irresponsible. While there may be value in a general discussion of the steps we take to keep the grid safe, the publication of sensitive material about the grid crosses the line from transparency to irresponsibility, and gives those who would do us harm a roadmap to achieve malicious designs. The American people deserve better."

The North American Reliability Corporation (NERC)—which shoulders grid reliability responsibility with FERC—also released a statement. In part, it stated:

“The electricity industry has always made reliability a priority. This is done through mandatory reliability standards and guidelines, including cyber and physical security; and through focus by utilities on preparation, prevention, response and recovery efforts, including industry and government spare equipment programs.

While much work has been done and much more is ongoing, it is disappointing and concerning that the media would choose to disregard the existing security of our nation’s infrastructure and publish information that could impact the security of our grid. Publicly discussing specific vulnerabilities of critical grid assets raises serious national security concerns and undermines the substantial, ongoing work that NERC, industry and government are doing to strengthen our grid against potential cyber and physical security attacks. Articles like this one do nothing to improve security, rather they jeopardize it.”

In related news, on March 7, the Federal Energy Regulatory Commission (FERC) directed the North American Electric Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the grid (or bulk electric system) to address risks due to physical security threats and vulnerabilities.

The reliability standards require owners/operators to take at least three steps to protect physical security.

(1.) Owners and operators must perform a risk assessment of their system to identify facilities that, if rendered inoperable or damaged, could have a critical impact on the operation of the interconnection through instability, uncontrolled separation, or cascading failures.(2.) Owners and operators of critical facilities must evaluate potential threats and vulnerabilities to those facilities. (3.) Owners and operators must develop and implement a security plan to address potential threats and vulnerabilities.

How do you feel about the WSJ article, the report or grid security? Tell us in the comments below or on Twitter. Just direct it to us @IntelUtil.

Kathleen's a writer with three too many college degrees and twenty years writing about the power biz. She's now completely focused on how one good social media account can pave the way for utility 2.0.

26,506 Subscribers

Like the rest of the world, utilities are becoming more and more digital. This affects almost every aspect of a utility – including customer service, generation, transmission, distribution and energy management. While this is an exciting time, it is also confusing. The mission of our community is to bring together utility folks who are in the thick of the digital utility transformation.

Sponsors

The Kony Mobility Platform is an open and standards-based, integrated platform for mobile app development and beyond. It supports the entire application software development lifecycle (SDLC) and empowers enterprises to quickly design and deploy.

Sensus, a Xylem brand, helps the world’s public service providers do more with their infrastructure by providing technology and data-driven insights that deliver efficiency and responsiveness. When we work together, nothing’s out of reach.